Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rgl/tinkerbell-k8s-vagrant

tinkerbell k8s playground
https://github.com/rgl/tinkerbell-k8s-vagrant

k3s k8s tinkerbell vagrant

Last synced: 11 days ago
JSON representation

tinkerbell k8s playground

Awesome Lists containing this project

README

        

# About

This is a [tinkerbell](https://github.com/tinkerbell) on [k3s](https://github.com/k3s-io/k3s) kubernetes cluster playground wrapped in a Vagrant environment.

# Usage

Configure the host machine `hosts` file with:

```
10.11.0.4 registry.example.test
10.11.0.10 s.example.test
10.11.0.50 traefik.example.test
10.11.0.50 kubernetes-dashboard.example.test
```

Install the base [Debian 11 (Bullseye) vagrant box](https://github.com/rgl/debian-vagrant).

Optionally, connect the environment to the physical network through the host `br-lan` bridge. The environment assumes that the host bridge was configured as:

```bash
sudo -i
# review the configuration in the files at /etc/netplan and replace them all
# with a single configuration file:
ls -laF /etc/netplan
upstream_interface=eth0
upstream_mac=$(ip link show $upstream_interface | perl -ne '/ether ([^ ]+)/ && print $1')
cat >/etc/netplan/00-config.yaml < 50061/TCP 25h
# tink-server ClusterIP 10.13.186.115 42113/TCP 25h
# boots LoadBalancer 10.13.65.159 10.11.0.60 80:32001/TCP,514:31255/UDP,67:30362/UDP,69:30225/UDP 25h
# tink-stack LoadBalancer 10.13.226.115 10.11.0.61 50061:31034/TCP,42113:31407/TCP,8080:31947/TCP 25h
wget -qO- http://10.11.0.60/auto.ipxe # boots ipxe script.
wget -q http://10.11.0.61:8080/vmlinuz-x86_64 # hook osie.
wget -q http://10.11.0.61:8080/initramfs-x86_64 # hook osie.
```

List this repository dependencies (and which have newer versions):

```bash
export GITHUB_COM_TOKEN='YOUR_GITHUB_PERSONAL_TOKEN'
./renovate.sh
```

## Traefik Dashboard

Access the Traefik Dashboard at:

https://traefik.example.test/dashboard/

## Rancher Server

Access the Rancher Server at:

https://s.example.test:6443

**NB** This is a proxy to the k8s API server (which is running in port 6444).

**NB** You must use the client certificate that is inside the `tmp/admin.conf`,
`tmp/*.pem`, or `/etc/rancher/k3s/k3s.yaml` (inside the `s1` machine) file.

Access the rancher server using the client certificate with httpie:

```bash
http \
--verify tmp/default-ca-crt.pem \
--cert tmp/default-crt.pem \
--cert-key tmp/default-key.pem \
https://s.example.test:6443
```

Or with curl:

```bash
curl \
--cacert tmp/default-ca-crt.pem \
--cert tmp/default-crt.pem \
--key tmp/default-key.pem \
https://s.example.test:6443
```

## Kubernetes Dashboard

Access the Kubernetes Dashboard at:

https://kubernetes-dashboard.example.test

Then select `Token` and use the contents of `tmp/admin-token.txt` as the token.

You can also launch the kubernetes API server proxy in background:

```bash
export KUBECONFIG=$PWD/tmp/admin.conf
kubectl proxy &
```

And access the kubernetes dashboard at:

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

## K9s Dashboard

The [K9s](https://github.com/derailed/k9s) console UI dashboard is also
installed in the server node. You can access it by running:

```bash
vagrant ssh s1
sudo su -l
k9s
```

# Notes

* k3s has a custom k8s authenticator module that does user authentication from `/var/lib/rancher/k3s/server/cred/passwd`.

# Reference

* [k3s Installation and Configuration Options](https://rancher.com/docs/k3s/latest/en/installation/install-options/)
* [k3s Advanced Options and Configuration](https://rancher.com/docs/k3s/latest/en/advanced/)
* [k3s Under the Hood: Building a Product-grade Lightweight Kubernetes Distro (KubeCon NA 2019)](https://www.youtube.com/watch?v=-HchRyqNtkU)